The term "selective disclosure" covers a range of sins, but when it comes to use in the browser, the most interesting is perhaps the use of zero-knowledge proofs, which can provide strong unlinkability properties. Well... if certain conditions are met.
There are selective disclosure cases where verifier-verifier linkability is a near certainty because the bits of the signature are exposed. I can't conceive of any case where that makes sense to support on the web. Thankfully, obtaining fresh credentials from the issuer can avoid that problem in most cases.
However, verifier-issuer linkability is often a property of those same cases. This might be equally concerning and motivate the use of zero-knowledge proofs, which can provide verifier-issuer unlinkability.
However, there is still the question of the anonymity set size. Even in a zero-knowledge system, the information that is revealed (e.g., person is over 18, person has a given trait, etc...) is still present.
The revealed information generally has fairly obvious properties. Managing that risk is probably a user interaction question. "Do you want to give this website your passport details?" is a question with fairly obvious privacy implications relative to "do you want to reveal that you are licensed to drive?"
However, the present API shape also reveals the identity of the issuer. That's not strictly required, but it is how things work presently.
The fact that someone holds a credential from a particular issuer carries information in a far less obvious way. If there are many issuers, then it is possible that the choice of issuer could be more of a privacy risk than the information that is more directly revealed.
This is probably not something that people think about generally. Wallets generally don't hold a huge number of credentials or have a huge diversity of providers. But this is the web and there are lots of potential providers. If these credentials are going to be used for age verification, maybe it shouldn't be possible to learn where someone obtained the necessary certification.
The term "selective disclosure" covers a range of sins, but when it comes to use in the browser, the most interesting is perhaps the use of zero-knowledge proofs, which can provide strong unlinkability properties. Well... if certain conditions are met.
There are selective disclosure cases where verifier-verifier linkability is a near certainty because the bits of the signature are exposed. I can't conceive of any case where that makes sense to support on the web. Thankfully, obtaining fresh credentials from the issuer can avoid that problem in most cases.
However, verifier-issuer linkability is often a property of those same cases. This might be equally concerning and motivate the use of zero-knowledge proofs, which can provide verifier-issuer unlinkability.
However, there is still the question of the anonymity set size. Even in a zero-knowledge system, the information that is revealed (e.g., person is over 18, person has a given trait, etc...) is still present.
The revealed information generally has fairly obvious properties. Managing that risk is probably a user interaction question. "Do you want to give this website your passport details?" is a question with fairly obvious privacy implications relative to "do you want to reveal that you are licensed to drive?"
However, the present API shape also reveals the identity of the issuer. That's not strictly required, but it is how things work presently.
The fact that someone holds a credential from a particular issuer carries information in a far less obvious way. If there are many issuers, then it is possible that the choice of issuer could be more of a privacy risk than the information that is more directly revealed.
This is probably not something that people think about generally. Wallets generally don't hold a huge number of credentials or have a huge diversity of providers. But this is the web and there are lots of potential providers. If these credentials are going to be used for age verification, maybe it shouldn't be possible to learn where someone obtained the necessary certification.